Recall, a group of researchers from North Carolina State University reported the discovery of a particular method, as any application can gain access to the WRITE_SMS, that is, the device can simulate the arrival of the free text SMS from any number. A similar function is extremely useful for attacks like SMiShing (SMS-phishing). Attackers can send fake SMS to the user from a trusted numbers containing a malicious link.
"Vulnerability in Android, allowing to simulate the arrival of SMS from any number, is especially dangerous because of recent events clearly show that a combination of social engineering by using malicious software can deceive a substantial number of people and get them to do what is beneficial attackers - says experts eScan in Russia and the CIS. - The situation is aggravated by the fact that almost all Android-devices have a constant connection to the Internet, which may contribute to the rapid rise of a possible avalanche of the epidemic. "
